QID 378990

Jira Service Management is Atlassian's service management solution for all teams.

CVE-2020-36518, CVE-2022-42003, CVE-2022-42004, CVE-2021-22569, CVE-2022-3171, CVE-2022-3509: The affected version of Atlassian JIRA Service Desk Server is affected by a Denial of Service (DoS) vulnerability

Affected Versions: Jira Service Management versions 4.20.0, 4.20.1, 4.20.2, 4.20.3, 4.20.4, 4.20.5, 4.20.6, 4.20.7, 4.20.8, 4.20.9, 4.20.10, 4.20.11, 4.20.12, 4.20.13, 4.20.14, 5.4.0, 4.20.15, 5.4.1, 4.20.16, 5.5.1, 4.20.17, 5.4.2, 5.6.0, 5.4.3, 4.20.18, 5.7.0, 4.20.19, 5.4.4, 5.8.0, 4.20.20, 4.20.21, 5.4.5, 4.20.22, 5.4.6, 5.9.0, 4.20.23, 5.4.7, 4.20.24, 5.4.8, 5.10.0, 4.20.25, 5.4.9, 5.4.10, 4.20.26

QID detection Logic:
Windows: This QID checks for installed vulnerable ersion of Atlassian Jira Service Management (formerly named Jira Service Desk) by enumerating windows registries.
Linux: This QID checks for installed vulnerable version of Atlassian Jira Service Management (formerly named Jira Service Desk) using ps command.

Successful exploitation of this vulnerability allows an unauthenticated attacker to expose assets in your environment susceptible to exploitation which has no impact to confidentiality, no impact to integrity, high impact to availability, and requires no user interaction.